symfony
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/SessionUtils.php‎
Lines changed: 1 addition & 1 deletion b/‎src/Symfony/Component/HttpFoundation/Session/SessionUtils.php‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/AbstractSessionHandler.php‎
Lines changed: 7 additions & 7 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/AbstractSessionHandler.php‎
Lines changed: 7 additions & 7 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MarshallingSessionHandler.php‎
Lines changed: 5 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MarshallingSessionHandler.php‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MemcachedSessionHandler.php‎
Lines changed: 4 additions & 4 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MemcachedSessionHandler.php‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MigratingSessionHandler.php‎
Lines changed: 5 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MigratingSessionHandler.php‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php‎
Lines changed: 4 additions & 4 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/MongoDbSessionHandler.php‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/NullSessionHandler.php‎
Lines changed: 5 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/NullSessionHandler.php‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/PdoSessionHandler.php‎
Lines changed: 9 additions & 9 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/PdoSessionHandler.php‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/RedisSessionHandler.php‎
Lines changed: 4 additions & 4 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/RedisSessionHandler.php‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/StrictSessionHandler.php‎
Lines changed: 5 additions & 5 deletions b/‎src/Symfony/Component/HttpFoundation/Session/Storage/Handler/StrictSessionHandler.php‎
Lines changed: 5 additions & 5 deletions
@@ -25,7 +25,7 @@ final class SessionUtils
      * Finds the session header amongst the headers that are to be sent, removes it, and returns
      * it so the caller can process it further.
      */
-    public static function popSessionCookie(string $sessionName, string $sessionId): ?string
+    public static function popSessionCookie(string $sessionName, #[\SensitiveParameter] string $sessionId): ?string
     {
         $sessionCookie = null;
         $sessionCookiePrefix = sprintf(' %s=', urlencode($sessionName));
 
@@ -38,21 +38,21 @@ public function open(string $savePath, string $sessionName): bool
         return true;
     }
 
-    abstract protected function doRead(string $sessionId): string;
+    abstract protected function doRead(#[\SensitiveParameter] string $sessionId): string;
 
-    abstract protected function doWrite(string $sessionId, string $data): bool;
+    abstract protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool;
 
-    abstract protected function doDestroy(string $sessionId): bool;
+    abstract protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool;
 
-    public function validateId(string $sessionId): bool
+    public function validateId(#[\SensitiveParameter] string $sessionId): bool
     {
         $this->prefetchData = $this->read($sessionId);
         $this->prefetchId = $sessionId;
 
         return '' !== $this->prefetchData;
     }
 
-    public function read(string $sessionId): string
+    public function read(#[\SensitiveParameter] string $sessionId): string
     {
         if (isset($this->prefetchId)) {
             $prefetchId = $this->prefetchId;
@@ -72,7 +72,7 @@ public function read(string $sessionId): string
         return $data;
     }
 
-    public function write(string $sessionId, string $data): bool
+    public function write(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         // see https://github.com/igbinary/igbinary/issues/146
         $this->igbinaryEmptyData ??= \function_exists('igbinary_serialize') ? igbinary_serialize([]) : '';
@@ -84,7 +84,7 @@ public function write(string $sessionId, string $data): bool
         return $this->doWrite($sessionId, $data);
     }
 
-    public function destroy(string $sessionId): bool
+    public function destroy(#[\SensitiveParameter] string $sessionId): bool
     {
         if (!headers_sent() && filter_var(\ini_get('session.use_cookies'), \FILTER_VALIDATE_BOOL)) {
             if (!isset($this->sessionName)) {
 
@@ -37,7 +37,7 @@ public function close(): bool
         return $this->handler->close();
     }
 
-    public function destroy(string $sessionId): bool
+    public function destroy(#[\SensitiveParameter] string $sessionId): bool
     {
         return $this->handler->destroy($sessionId);
     }
@@ -47,12 +47,12 @@ public function gc(int $maxlifetime): int|false
         return $this->handler->gc($maxlifetime);
     }
 
-    public function read(string $sessionId): string
+    public function read(#[\SensitiveParameter] string $sessionId): string
     {
         return $this->marshaller->unmarshall($this->handler->read($sessionId));
     }
 
-    public function write(string $sessionId, string $data): bool
+    public function write(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $failed = [];
         $marshalledData = $this->marshaller->marshall(['data' => $data], $failed);
@@ -64,12 +64,12 @@ public function write(string $sessionId, string $data): bool
         return $this->handler->write($sessionId, $marshalledData['data']);
     }
 
-    public function validateId(string $sessionId): bool
+    public function validateId(#[\SensitiveParameter] string $sessionId): bool
     {
         return $this->handler->validateId($sessionId);
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         return $this->handler->updateTimestamp($sessionId, $data);
     }
 
@@ -59,19 +59,19 @@ public function close(): bool
         return $this->memcached->quit();
     }
 
-    protected function doRead(string $sessionId): string
+    protected function doRead(#[\SensitiveParameter] string $sessionId): string
     {
         return $this->memcached->get($this->prefix.$sessionId) ?: '';
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $this->memcached->touch($this->prefix.$sessionId, $this->getCompatibleTtl());
 
         return true;
     }
 
-    protected function doWrite(string $sessionId, string $data): bool
+    protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         return $this->memcached->set($this->prefix.$sessionId, $data, $this->getCompatibleTtl());
     }
@@ -89,7 +89,7 @@ private function getCompatibleTtl(): int
         return $ttl;
     }
 
-    protected function doDestroy(string $sessionId): bool
+    protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool
     {
         $result = $this->memcached->delete($this->prefix.$sessionId);
 
 
@@ -46,7 +46,7 @@ public function close(): bool
         return $result;
     }
 
-    public function destroy(string $sessionId): bool
+    public function destroy(#[\SensitiveParameter] string $sessionId): bool
     {
         $result = $this->currentHandler->destroy($sessionId);
         $this->writeOnlyHandler->destroy($sessionId);
@@ -70,27 +70,27 @@ public function open(string $savePath, string $sessionName): bool
         return $result;
     }
 
-    public function read(string $sessionId): string
+    public function read(#[\SensitiveParameter] string $sessionId): string
     {
         // No reading from new handler until switch-over
         return $this->currentHandler->read($sessionId);
     }
 
-    public function write(string $sessionId, string $sessionData): bool
+    public function write(#[\SensitiveParameter] string $sessionId, string $sessionData): bool
     {
         $result = $this->currentHandler->write($sessionId, $sessionData);
         $this->writeOnlyHandler->write($sessionId, $sessionData);
 
         return $result;
     }
 
-    public function validateId(string $sessionId): bool
+    public function validateId(#[\SensitiveParameter] string $sessionId): bool
     {
         // No reading from new handler until switch-over
         return $this->currentHandler->validateId($sessionId);
     }
 
-    public function updateTimestamp(string $sessionId, string $sessionData): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $sessionData): bool
     {
         $result = $this->currentHandler->updateTimestamp($sessionId, $sessionData);
         $this->writeOnlyHandler->updateTimestamp($sessionId, $sessionData);
 
@@ -84,7 +84,7 @@ public function close(): bool
         return true;
     }
 
-    protected function doDestroy(string $sessionId): bool
+    protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool
     {
         $this->getCollection()->deleteOne([
             $this->options['id_field'] => $sessionId,
@@ -100,7 +100,7 @@ public function gc(int $maxlifetime): int|false
         ])->getDeletedCount();
     }
 
-    protected function doWrite(string $sessionId, string $data): bool
+    protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');
         $expiry = new UTCDateTime((time() + (int) $ttl) * 1000);
@@ -120,7 +120,7 @@ protected function doWrite(string $sessionId, string $data): bool
         return true;
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');
         $expiry = new UTCDateTime((time() + (int) $ttl) * 1000);
@@ -136,7 +136,7 @@ public function updateTimestamp(string $sessionId, string $data): bool
         return true;
     }
 
-    protected function doRead(string $sessionId): string
+    protected function doRead(#[\SensitiveParameter] string $sessionId): string
     {
         $dbData = $this->getCollection()->findOne([
             $this->options['id_field'] => $sessionId,
 
@@ -23,27 +23,27 @@ public function close(): bool
         return true;
     }
 
-    public function validateId(string $sessionId): bool
+    public function validateId(#[\SensitiveParameter] string $sessionId): bool
     {
         return true;
     }
 
-    protected function doRead(string $sessionId): string
+    protected function doRead(#[\SensitiveParameter] string $sessionId): string
     {
         return '';
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         return true;
     }
 
-    protected function doWrite(string $sessionId, string $data): bool
+    protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         return true;
     }
 
-    protected function doDestroy(string $sessionId): bool
+    protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool
     {
         return true;
     }
 
@@ -285,7 +285,7 @@ public function open(string $savePath, string $sessionName): bool
         return parent::open($savePath, $sessionName);
     }
 
-    public function read(string $sessionId): string
+    public function read(#[\SensitiveParameter] string $sessionId): string
     {
         try {
             return parent::read($sessionId);
@@ -305,7 +305,7 @@ public function gc(int $maxlifetime): int|false
         return 0;
     }
 
-    protected function doDestroy(string $sessionId): bool
+    protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool
     {
         // delete the record associated with this id
         $sql = "DELETE FROM $this->table WHERE $this->idCol = :id";
@@ -323,7 +323,7 @@ protected function doDestroy(string $sessionId): bool
         return true;
     }
 
-    protected function doWrite(string $sessionId, string $data): bool
+    protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $maxlifetime = (int) (($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime'));
 
@@ -366,7 +366,7 @@ protected function doWrite(string $sessionId, string $data): bool
         return true;
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $expiry = time() + (int) (($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime'));
 
@@ -610,7 +610,7 @@ private function rollback(): void
      * We need to make sure we do not return session data that is already considered garbage according
      * to the session.gc_maxlifetime setting because gc() is called after read() and only sometimes.
      */
-    protected function doRead(string $sessionId): string
+    protected function doRead(#[\SensitiveParameter] string $sessionId): string
     {
         if (self::LOCK_ADVISORY === $this->lockMode) {
             $this->unlockStatements[] = $this->doAdvisoryLock($sessionId);
@@ -681,7 +681,7 @@ protected function doRead(string $sessionId): string
      *       - for oci using DBMS_LOCK.REQUEST
      *       - for sqlsrv using sp_getapplock with LockOwner = Session
      */
-    private function doAdvisoryLock(string $sessionId): \PDOStatement
+    private function doAdvisoryLock(#[\SensitiveParameter] string $sessionId): \PDOStatement
     {
         switch ($this->driver) {
             case 'mysql':
@@ -780,7 +780,7 @@ private function getSelectSql(): string
     /**
      * Returns an insert statement supported by the database for writing session data.
      */
-    private function getInsertStatement(string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement
+    private function getInsertStatement(#[\SensitiveParameter] string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement
     {
         switch ($this->driver) {
             case 'oci':
@@ -807,7 +807,7 @@ private function getInsertStatement(string $sessionId, string $sessionData, int
     /**
      * Returns an update statement supported by the database for writing session data.
      */
-    private function getUpdateStatement(string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement
+    private function getUpdateStatement(#[\SensitiveParameter] string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement
     {
         switch ($this->driver) {
             case 'oci':
@@ -834,7 +834,7 @@ private function getUpdateStatement(string $sessionId, string $sessionData, int
     /**
      * Returns a merge/upsert (i.e. insert or update) statement when supported by the database for writing session data.
      */
-    private function getMergeStatement(string $sessionId, string $data, int $maxlifetime): ?\PDOStatement
+    private function getMergeStatement(#[\SensitiveParameter] string $sessionId, string $data, int $maxlifetime): ?\PDOStatement
     {
         switch (true) {
             case 'mysql' === $this->driver:
 
@@ -50,20 +50,20 @@ public function __construct(
         $this->ttl = $options['ttl'] ?? null;
     }
 
-    protected function doRead(string $sessionId): string
+    protected function doRead(#[\SensitiveParameter] string $sessionId): string
     {
         return $this->redis->get($this->prefix.$sessionId) ?: '';
     }
 
-    protected function doWrite(string $sessionId, string $data): bool
+    protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');
         $result = $this->redis->setEx($this->prefix.$sessionId, (int) $ttl, $data);
 
         return $result && !$result instanceof ErrorInterface;
     }
 
-    protected function doDestroy(string $sessionId): bool
+    protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool
     {
         static $unlink = true;
 
@@ -93,7 +93,7 @@ public function gc(int $maxlifetime): int|false
         return 0;
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         $ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');
 
 
@@ -47,30 +47,30 @@ public function open(string $savePath, string $sessionName): bool
         return $this->handler->open($savePath, $sessionName);
     }
 
-    protected function doRead(string $sessionId): string
+    protected function doRead(#[\SensitiveParameter] string $sessionId): string
     {
         return $this->handler->read($sessionId);
     }
 
-    public function updateTimestamp(string $sessionId, string $data): bool
+    public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         return $this->write($sessionId, $data);
     }
 
-    protected function doWrite(string $sessionId, string $data): bool
+    protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool
     {
         return $this->handler->write($sessionId, $data);
     }
 
-    public function destroy(string $sessionId): bool
+    public function destroy(#[\SensitiveParameter] string $sessionId): bool
     {
         $this->doDestroy = true;
         $destroyed = parent::destroy($sessionId);
 
         return $this->doDestroy ? $this->doDestroy($sessionId) : $destroyed;
     }
 
-    protected function doDestroy(string $sessionId): bool
+    protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool
     {
         $this->doDestroy = false;
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,7 @@ final class SessionUtils`
`25`	`25`	`* Finds the session header amongst the headers that are to be sent, removes it, and returns`
`26`	`26`	`* it so the caller can process it further.`
`27`	`27`	`*/`
`28`		`- public static function popSessionCookie(string $sessionName, string $sessionId): ?string`
	`28`	`+ public static function popSessionCookie(string $sessionName, #[\SensitiveParameter] string $sessionId): ?string`
`29`	`29`	`{`
`30`	`30`	`$sessionCookie = null;`
`31`	`31`	`$sessionCookiePrefix = sprintf(' %s=', urlencode($sessionName));`
Original file line number	Diff line number	Diff line change
`@@ -38,21 +38,21 @@ public function open(string $savePath, string $sessionName): bool`
`38`	`38`	`return true;`
`39`	`39`	`}`
`40`	`40`
`41`		`- abstract protected function doRead(string $sessionId): string;`
	`41`	`+ abstract protected function doRead(#[\SensitiveParameter] string $sessionId): string;`
`42`	`42`
`43`		`- abstract protected function doWrite(string $sessionId, string $data): bool;`
	`43`	`+ abstract protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool;`
`44`	`44`
`45`		`- abstract protected function doDestroy(string $sessionId): bool;`
	`45`	`+ abstract protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool;`
`46`	`46`
`47`		`- public function validateId(string $sessionId): bool`
	`47`	`+ public function validateId(#[\SensitiveParameter] string $sessionId): bool`
`48`	`48`	`{`
`49`	`49`	`$this->prefetchData = $this->read($sessionId);`
`50`	`50`	`$this->prefetchId = $sessionId;`
`51`	`51`
`52`	`52`	`return '' !== $this->prefetchData;`
`53`	`53`	`}`
`54`	`54`
`55`		`- public function read(string $sessionId): string`
	`55`	`+ public function read(#[\SensitiveParameter] string $sessionId): string`
`56`	`56`	`{`
`57`	`57`	`if (isset($this->prefetchId)) {`
`58`	`58`	`$prefetchId = $this->prefetchId;`
`@@ -72,7 +72,7 @@ public function read(string $sessionId): string`
`72`	`72`	`return $data;`
`73`	`73`	`}`
`74`	`74`
`75`		`- public function write(string $sessionId, string $data): bool`
	`75`	`+ public function write(#[\SensitiveParameter] string $sessionId, string $data): bool`
`76`	`76`	`{`
`77`	`77`	`// see https://github.com/igbinary/igbinary/issues/146`
`78`	`78`	`$this->igbinaryEmptyData ??= \function_exists('igbinary_serialize') ? igbinary_serialize([]) : '';`
`@@ -84,7 +84,7 @@ public function write(string $sessionId, string $data): bool`
`84`	`84`	`return $this->doWrite($sessionId, $data);`
`85`	`85`	`}`
`86`	`86`
`87`		`- public function destroy(string $sessionId): bool`
	`87`	`+ public function destroy(#[\SensitiveParameter] string $sessionId): bool`
`88`	`88`	`{`
`89`	`89`	`if (!headers_sent() && filter_var(\ini_get('session.use_cookies'), \FILTER_VALIDATE_BOOL)) {`
`90`	`90`	`if (!isset($this->sessionName)) {`
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ public function close(): bool`
`37`	`37`	`return $this->handler->close();`
`38`	`38`	`}`
`39`	`39`
`40`		`- public function destroy(string $sessionId): bool`
	`40`	`+ public function destroy(#[\SensitiveParameter] string $sessionId): bool`
`41`	`41`	`{`
`42`	`42`	`return $this->handler->destroy($sessionId);`
`43`	`43`	`}`
`@@ -47,12 +47,12 @@ public function gc(int $maxlifetime): int\|false`
`47`	`47`	`return $this->handler->gc($maxlifetime);`
`48`	`48`	`}`
`49`	`49`
`50`		`- public function read(string $sessionId): string`
	`50`	`+ public function read(#[\SensitiveParameter] string $sessionId): string`
`51`	`51`	`{`
`52`	`52`	`return $this->marshaller->unmarshall($this->handler->read($sessionId));`
`53`	`53`	`}`
`54`	`54`
`55`		`- public function write(string $sessionId, string $data): bool`
	`55`	`+ public function write(#[\SensitiveParameter] string $sessionId, string $data): bool`
`56`	`56`	`{`
`57`	`57`	`$failed = [];`
`58`	`58`	`$marshalledData = $this->marshaller->marshall(['data' => $data], $failed);`
`@@ -64,12 +64,12 @@ public function write(string $sessionId, string $data): bool`
`64`	`64`	`return $this->handler->write($sessionId, $marshalledData['data']);`
`65`	`65`	`}`
`66`	`66`
`67`		`- public function validateId(string $sessionId): bool`
	`67`	`+ public function validateId(#[\SensitiveParameter] string $sessionId): bool`
`68`	`68`	`{`
`69`	`69`	`return $this->handler->validateId($sessionId);`
`70`	`70`	`}`
`71`	`71`
`72`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`72`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`73`	`73`	`{`
`74`	`74`	`return $this->handler->updateTimestamp($sessionId, $data);`
`75`	`75`	`}`
Original file line number	Diff line number	Diff line change
`@@ -59,19 +59,19 @@ public function close(): bool`
`59`	`59`	`return $this->memcached->quit();`
`60`	`60`	`}`
`61`	`61`
`62`		`- protected function doRead(string $sessionId): string`
	`62`	`+ protected function doRead(#[\SensitiveParameter] string $sessionId): string`
`63`	`63`	`{`
`64`	`64`	`return $this->memcached->get($this->prefix.$sessionId) ?: '';`
`65`	`65`	`}`
`66`	`66`
`67`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`67`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`68`	`68`	`{`
`69`	`69`	`$this->memcached->touch($this->prefix.$sessionId, $this->getCompatibleTtl());`
`70`	`70`
`71`	`71`	`return true;`
`72`	`72`	`}`
`73`	`73`
`74`		`- protected function doWrite(string $sessionId, string $data): bool`
	`74`	`+ protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool`
`75`	`75`	`{`
`76`	`76`	`return $this->memcached->set($this->prefix.$sessionId, $data, $this->getCompatibleTtl());`
`77`	`77`	`}`
`@@ -89,7 +89,7 @@ private function getCompatibleTtl(): int`
`89`	`89`	`return $ttl;`
`90`	`90`	`}`
`91`	`91`
`92`		`- protected function doDestroy(string $sessionId): bool`
	`92`	`+ protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool`
`93`	`93`	`{`
`94`	`94`	`$result = $this->memcached->delete($this->prefix.$sessionId);`
`95`	`95`
Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ public function close(): bool`
`46`	`46`	`return $result;`
`47`	`47`	`}`
`48`	`48`
`49`		`- public function destroy(string $sessionId): bool`
	`49`	`+ public function destroy(#[\SensitiveParameter] string $sessionId): bool`
`50`	`50`	`{`
`51`	`51`	`$result = $this->currentHandler->destroy($sessionId);`
`52`	`52`	`$this->writeOnlyHandler->destroy($sessionId);`
`@@ -70,27 +70,27 @@ public function open(string $savePath, string $sessionName): bool`
`70`	`70`	`return $result;`
`71`	`71`	`}`
`72`	`72`
`73`		`- public function read(string $sessionId): string`
	`73`	`+ public function read(#[\SensitiveParameter] string $sessionId): string`
`74`	`74`	`{`
`75`	`75`	`// No reading from new handler until switch-over`
`76`	`76`	`return $this->currentHandler->read($sessionId);`
`77`	`77`	`}`
`78`	`78`
`79`		`- public function write(string $sessionId, string $sessionData): bool`
	`79`	`+ public function write(#[\SensitiveParameter] string $sessionId, string $sessionData): bool`
`80`	`80`	`{`
`81`	`81`	`$result = $this->currentHandler->write($sessionId, $sessionData);`
`82`	`82`	`$this->writeOnlyHandler->write($sessionId, $sessionData);`
`83`	`83`
`84`	`84`	`return $result;`
`85`	`85`	`}`
`86`	`86`
`87`		`- public function validateId(string $sessionId): bool`
	`87`	`+ public function validateId(#[\SensitiveParameter] string $sessionId): bool`
`88`	`88`	`{`
`89`	`89`	`// No reading from new handler until switch-over`
`90`	`90`	`return $this->currentHandler->validateId($sessionId);`
`91`	`91`	`}`
`92`	`92`
`93`		`- public function updateTimestamp(string $sessionId, string $sessionData): bool`
	`93`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $sessionData): bool`
`94`	`94`	`{`
`95`	`95`	`$result = $this->currentHandler->updateTimestamp($sessionId, $sessionData);`
`96`	`96`	`$this->writeOnlyHandler->updateTimestamp($sessionId, $sessionData);`
D306
Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ public function close(): bool`
`84`	`84`	`return true;`
`85`	`85`	`}`
`86`	`86`
`87`		`- protected function doDestroy(string $sessionId): bool`
	`87`	`+ protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool`
`88`	`88`	`{`
`89`	`89`	`$this->getCollection()->deleteOne([`
`90`	`90`	`$this->options['id_field'] => $sessionId,`
`@@ -100,7 +100,7 @@ public function gc(int $maxlifetime): int\|false`
`100`	`100`	`])->getDeletedCount();`
`101`	`101`	`}`
`102`	`102`
`103`		`- protected function doWrite(string $sessionId, string $data): bool`
	`103`	`+ protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool`
`104`	`104`	`{`
`105`	`105`	`$ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');`
`106`	`106`	`$expiry = new UTCDateTime((time() + (int) $ttl) * 1000);`
`@@ -120,7 +120,7 @@ protected function doWrite(string $sessionId, string $data): bool`
`120`	`120`	`return true;`
`121`	`121`	`}`
`122`	`122`
`123`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`123`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`124`	`124`	`{`
`125`	`125`	`$ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');`
`126`	`126`	`$expiry = new UTCDateTime((time() + (int) $ttl) * 1000);`
`@@ -136,7 +136,7 @@ public function updateTimestamp(string $sessionId, string $data): bool`
`136`	`136`	`return true;`
`137`	`137`	`}`
`138`	`138`
`139`		`- protected function doRead(string $sessionId): string`
	`139`	`+ protected function doRead(#[\SensitiveParameter] string $sessionId): string`
`140`	`140`	`{`
`141`	`141`	`$dbData = $this->getCollection()->findOne([`
`142`	`142`	`$this->options['id_field'] => $sessionId,`
Original file line number	Diff line number	Diff line change
`@@ -23,27 +23,27 @@ public function close(): bool`
`23`	`23`	`return true;`
`24`	`24`	`}`
`25`	`25`
`26`		`- public function validateId(string $sessionId): bool`
	`26`	`+ public function validateId(#[\SensitiveParameter] string $sessionId): bool`
`27`	`27`	`{`
`28`	`28`	`return true;`
`29`	`29`	`}`
`30`	`30`
`31`		`- protected function doRead(string $sessionId): string`
	`31`	`+ protected function doRead(#[\SensitiveParameter] string $sessionId): string`
`32`	`32`	`{`
`33`	`33`	`return '';`
`34`	`34`	`}`
`35`	`35`
`36`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`36`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`37`	`37`	`{`
`38`	`38`	`return true;`
`39`	`39`	`}`
`40`	`40`
`41`		`- protected function doWrite(string $sessionId, string $data): bool`
	`41`	`+ protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool`
`42`	`42`	`{`
`43`	`43`	`return true;`
`44`	`44`	`}`
`45`	`45`
`46`		`- protected function doDestroy(string $sessionId): bool`
	`46`	`+ protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool`
`47`	`47`	`{`
`48`	`48`	`return true;`
`49`	`49`	`}`
Original file line number	Diff line number	Diff line change
`@@ -285,7 +285,7 @@ public function open(string $savePath, string $sessionName): bool`
`285`	`285`	`return parent::open($savePath, $sessionName);`
`286`	`286`	`}`
`287`	`287`
`288`		`- public function read(string $sessionId): string`
	`288`	`+ public function read(#[\SensitiveParameter] string $sessionId): string`
`289`	`289`	`{`
`290`	`290`	`try {`
`291`	`291`	`return parent::read($sessionId);`
`@@ -305,7 +305,7 @@ public function gc(int $maxlifetime): int\|false`
`305`	`305`	`return 0;`
`306`	`306`	`}`
`307`	`307`
`308`		`- protected function doDestroy(string $sessionId): bool`
	`308`	`+ protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool`
`309`	`309`	`{`
`310`	`310`	`// delete the record associated with this id`
`311`	`311`	`$sql = "DELETE FROM $this->table WHERE $this->idCol = :id";`
`@@ -323,7 +323,7 @@ protected function doDestroy(string $sessionId): bool`
`323`	`323`	`return true;`
`324`	`324`	`}`
`325`	`325`
`326`		`- protected function doWrite(string $sessionId, string $data): bool`
	`326`	`+ protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool`
`327`	`327`	`{`
`328`	`328`	`$maxlifetime = (int) (($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime'));`
`329`	`329`
`@@ -366,7 +366,7 @@ protected function doWrite(string $sessionId, string $data): bool`
`366`	`366`	`return true;`
`367`	`367`	`}`
`368`	`368`
`369`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`369`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`370`	`370`	`{`
`371`	`371`	`$expiry = time() + (int) (($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime'));`
`372`	`372`
`@@ -610,7 +610,7 @@ private function rollback(): void`
`610`	`610`	`* We need to make sure we do not return session data that is already considered garbage according`
`611`	`611`	`* to the session.gc_maxlifetime setting because gc() is called after read() and only sometimes.`
`612`	`612`	`*/`
`613`		`- protected function doRead(string $sessionId): string`
	`613`	`+ protected function doRead(#[\SensitiveParameter] string $sessionId): string`
`614`	`614`	`{`
`615`	`615`	`if (self::LOCK_ADVISORY === $this->lockMode) {`
`616`	`616`	`$this->unlockStatements[] = $this->doAdvisoryLock($sessionId);`
`@@ -681,7 +681,7 @@ protected function doRead(string $sessionId): string`
`681`	`681`	`* - for oci using DBMS_LOCK.REQUEST`
`682`	`682`	`* - for sqlsrv using sp_getapplock with LockOwner = Session`
`683`	`683`	`*/`
`684`		`- private function doAdvisoryLock(string $sessionId): \PDOStatement`
	`684`	`+ private function doAdvisoryLock(#[\SensitiveParameter] string $sessionId): \PDOStatement`
`685`	`685`	`{`
`686`	`686`	`switch ($this->driver) {`
`687`	`687`	`case 'mysql':`
`@@ -780,7 +780,7 @@ private function getSelectSql(): string`
`780`	`780`	`/**`
`781`	`781`	`* Returns an insert statement supported by the database for writing session data.`
`782`	`782`	`*/`
`783`		`- private function getInsertStatement(string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement`
	`783`	`+ private function getInsertStatement(#[\SensitiveParameter] string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement`
`784`	`784`	`{`
`785`	`785`	`switch ($this->driver) {`
`786`	`786`	`case 'oci':`
`@@ -807,7 +807,7 @@ private function getInsertStatement(string $sessionId, string $sessionData, int`
`807`	`807`	`/**`
`808`	`808`	`* Returns an update statement supported by the database for writing session data.`
`809`	`809`	`*/`
`810`		`- private function getUpdateStatement(string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement`
	`810`	`+ private function getUpdateStatement(#[\SensitiveParameter] string $sessionId, string $sessionData, int $maxlifetime): \PDOStatement`
`811`	`811`	`{`
`812`	`812`	`switch ($this->driver) {`
`813`	`813`	`case 'oci':`
`@@ -834,7 +834,7 @@ private function getUpdateStatement(string $sessionId, string $sessionData, int`
`834`	`834`	`/**`
`835`	`835`	`* Returns a merge/upsert (i.e. insert or update) statement when supported by the database for writing session data.`
`836`	`836`	`*/`
`837`		`- private function getMergeStatement(string $sessionId, string $data, int $maxlifetime): ?\PDOStatement`
	`837`	`+ private function getMergeStatement(#[\SensitiveParameter] string $sessionId, string $data, int $maxlifetime): ?\PDOStatement`
`838`	`838`	`{`
`839`	`839`	`switch (true) {`
`840`	`840`	`case 'mysql' === $this->driver:`
Original file line number	Diff line number	Diff line change
`@@ -50,20 +50,20 @@ public function __construct(`
`50`	`50`	`$this->ttl = $options['ttl'] ?? null;`
`51`	`5 38BA 1`	`}`
`52`	`52`
`53`		`- protected function doRead(string $sessionId): string`
	`53`	`+ protected function doRead(#[\SensitiveParameter] string $sessionId): string`
`54`	`54`	`{`
`55`	`55`	`return $this->redis->get($this->prefix.$sessionId) ?: '';`
`56`	`56`	`}`
`57`	`57`
`58`		`- protected function doWrite(string $sessionId, string $data): bool`
	`58`	`+ protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool`
`59`	`59`	`{`
`60`	`60`	`$ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');`
`61`	`61`	`$result = $this->redis->setEx($this->prefix.$sessionId, (int) $ttl, $data);`
`62`	`62`
`63`	`63`	`return $result && !$result instanceof ErrorInterface;`
`64`	`64`	`}`
`65`	`65`
`66`		`- protected function doDestroy(string $sessionId): bool`
	`66`	`+ protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool`
`67`	`67`	`{`
`68`	`68`	`static $unlink = true;`
`69`	`69`
`@@ -93,7 +93,7 @@ public function gc(int $maxlifetime): int\|false`
`93`	`93`	`return 0;`
`94`	`94`	`}`
`95`	`95`
`96`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`96`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`97`	`97`	`{`
`98`	`98`	`$ttl = ($this->ttl instanceof \Closure ? ($this->ttl)() : $this->ttl) ?? \ini_get('session.gc_maxlifetime');`
`99`	`99`
Original file line number	Diff line number	Diff line change
`@@ -47,30 +47,30 @@ public function open(string $savePath, string $sessionName): bool`
`47`	`47`	`return $this->handler->open($savePath, $sessionName);`
`48`	`48`	`}`
`49`	`49`
`50`		`- protected function doRead(string $sessionId): string`
	`50`	`+ protected function doRead(#[\SensitiveParameter] string $sessionId): string`
`51`	`51`	`{`
`52`	`52`	`return $this->handler->read($sessionId);`
`53`	`53`	`}`
`54`	`54`
`55`		`- public function updateTimestamp(string $sessionId, string $data): bool`
	`55`	`+ public function updateTimestamp(#[\SensitiveParameter] string $sessionId, string $data): bool`
`56`	`56`	`{`
`57`	`57`	`return $this->write($sessionId, $data);`
`58`	`58`	`}`
`59`	`59`
`60`		`- protected function doWrite(string $sessionId, string $data): bool`
	`60`	`+ protected function doWrite(#[\SensitiveParameter] string $sessionId, string $data): bool`
`61`	`61`	`{`
`62`	`62`	`return $this->handler->write($sessionId, $data);`
`63`	`63`	`}`
`64`	`64`
`65`		`- public function destroy(string $sessionId): bool`
	`65`	`+ public function destroy(#[\SensitiveParameter] string $sessionId): bool`
`66`	`66`	`{`
`67`	`67`	`$this->doDestroy = true;`
`68`	`68`	`$destroyed = parent::destroy($sessionId);`
`69`	`69`
`70`	`70`	`return $this->doDestroy ? $this->doDestroy($sessionId) : $destroyed;`
`71`	`71`	`}`
`72`	`72`
`73`		`- protected function doDestroy(string $sessionId): bool`
	`73`	`+ protected function doDestroy(#[\SensitiveParameter] string $sessionId): bool`
`74`	`74`	`{`
`75`	`75`	`$this->doDestroy = false;`
`76`	`76`